Alan Baugher

Changing Identity Management Services Accounts' Passwords; After the 1st Install & Ad-Hoc (to meet audit compliance)

Discussion created by Alan Baugher Employee on Aug 25, 2015
Latest reply on May 3, 2018 by KevinMurphyCA

Hello All,


A common challenges for service accounts, after that 1st install, is these are "known" passwords to many team members or may become "stale" with regard to internal governance policies.


The deck (pdf) enclosed outlines the list of service accounts, the location of the password hash, the separation of duties (SOD) & functionality performed by each service account (this assume not one ID was used), and a primary method to update the password.   If possible, a secondary method is also offered, if there are any issues with the primary method.



Also enclosed process, to force workstation/laptop to a particular ADS DC for testing the CA IM AD Reverse Password Sync Agent on selected DCs from one workstation; to allow full unit testing to each DCs.


Kind Regards,





Edit: 4/23/2018  Moving location for better view for all resources, clients, & partners.